ClawHub Skill Publisher
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a transparent ClawHub publishing helper, but it can install marketplace skills for research, edit your draft, and publish using your ClawHub login, so review its actions before approving them.
This skill appears coherent and instruction-only. Before using it, make sure the agent researches competitor skills as data only, works in the correct local skill directory, shows you diffs for README/SKILL changes, confirms the active ClawHub account, and gets your explicit approval before publishing.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may change README/SKILL content and publish a marketplace listing under the user’s account if the user follows or approves the workflow.
The skill is explicitly intended to edit local skill files and publish them to ClawHub. This is purpose-aligned, but file mutation and public publishing are high-impact actions that should be reviewed by the user before execution.
“patches your files to match marketplace standards, and walks you through `clawhub publish`.”
Review file diffs before accepting patches and require an explicit final confirmation before running `clawhub publish`.
Researching competitor skills may bring untrusted skill artifacts into the local environment.
The workflow installs third-party marketplace skills for research. This is central to the stated purpose and scoped to a temp directory, but the installed content is unpinned and comes from external publishers.
“Install top 3-5 results for analysis” and `clawhub install <slug1> --dir /tmp/ch-research --force`
Install only skills you intend to inspect, use a temporary directory as shown, avoid running installed skills, and consider pinning versions where the ClawHub CLI supports it.
A malicious or poorly written third-party skill document could try to influence the agent while it is being analyzed.
Other skills’ SKILL.md files are instruction-bearing documents. Reading them as research material is expected here, but the agent should treat their contents as untrusted data rather than instructions to follow.
“read their SKILL.md + README.md”
Instruct the agent to extract only marketplace-pattern facts from competitor files and to ignore any commands, role changes, or instructions contained in those files.
Actions taken by the workflow may be attributed to the user’s ClawHub account.
Publishing uses the user’s authenticated ClawHub CLI identity. This is expected for a publisher skill, and the artifacts do not show credential logging, hardcoded secrets, or unrelated account access.
`clawhub whoami` and `clawhub publish ./skills/<your-skill> --slug <your-slug>`
Confirm the active ClawHub account with `clawhub whoami` and publish only after reviewing the final content and metadata.
